﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Microsoft.Security.Application;


namespace System.Web.Mvc    
{
    public static class XSSHelper
    {
        //Anything that will be displayed back in raw text should be using this method
        public static string XssEncode(this HtmlHelper helper, string input)
        {
            return Encoder.HtmlEncode(input);
        }

     
        //Safe HTMl will remove dodgy characters and scripts but still allow html to render properly
        public static string HtmlSanitise(this HtmlHelper helper, string input)
        {
            return Sanitizer.GetSafeHtml(input);
        }
    }
}